Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+

173 advisories

Loading
File replacement vulnerability on some devices Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-54099 was published Dec 12, 2024
A files or directories accessible to external parties vulnerability has been reported to affect... Moderate Unreviewed
CVE-2024-48864 was published Mar 7, 2025
HCL Unica Platform is affected by unprotected files due to improper access controls.  These... Moderate Unreviewed
CVE-2025-31996 was published Oct 13, 2025
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers... Moderate Unreviewed
CVE-2016-3715 was published May 14, 2022
The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap... Moderate Unreviewed
CVE-2025-48928 was published May 28, 2025
Vert.x-Web Access Control Flaw in StaticHandler’s Hidden File Protection for Files Under Hidden Directories Moderate
CVE-2025-11965 was published for io.vertx:vertx-web (Maven) Oct 22, 2025
FutureNet MA and IP-K series provided by Century Systems Co., Ltd. put the firmware version and... Moderate Unreviewed
CVE-2025-58152 was published Oct 31, 2025
TCPDF Local File Inclusion vulnerability Moderate
CVE-2024-51058 was published for tecnickcom/tcpdf (Composer) Nov 26, 2024
Guava vulnerable to insecure use of temporary directory Moderate
CVE-2023-2976 was published for com.google.guava:guava (Maven) Jun 14, 2023
OpenStack Nova vulnerable to unauthorized access to potentially sensitive data Moderate
CVE-2024-40767 was published for Nova (pip) Jul 24, 2024
In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an... Moderate Unreviewed
CVE-2025-11371 was published Oct 9, 2025
Contrast has insecure LUKS2 persistent storage partitions may be opened and used Moderate
GHSA-f5p4-p5q5-jv3h was published for github.com/edgelesssys/contrast (Go) Oct 28, 2025
katexochen tjade273
Credited to katexochen and tjade273
IBM Cognos Analytics Certified Containers 12.1.0 could disclose package parameter information due... Moderate Unreviewed
CVE-2025-33150 was published Nov 10, 2025
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions), SICAM... Moderate Unreviewed
CVE-2022-34464 was published Jul 13, 2022
Tanium addressed an arbitrary file deletion vulnerability in TanOS. Moderate Unreviewed
CVE-2025-13225 was published Nov 19, 2025
Local File Inclusion vulnerability in M-Files Server in versions before 24.11 (excluding 24.8 SR1... Moderate Unreviewed
CVE-2024-10126 was published Nov 20, 2024
The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is... Moderate Unreviewed
CVE-2025-12894 was published Nov 21, 2025
The Tainacan plugin for WordPress is vulnerable to Information Exposure in all versions up to,... Moderate Unreviewed
CVE-2025-12747 was published Nov 21, 2025
Umbraco Vulnerable to Improper File Access and Credential Exposure in Dictionary Import Functionality Moderate
CVE-2025-66625 was published for Umbraco.Cms (NuGet) Dec 9, 2025
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-14442 was published Dec 12, 2025
Liferay Portal Unauthenticated File Access via URL Moderate
CVE-2025-43749 was published for com.liferay.portal:release.portal.bom (Maven) Aug 20, 2025
The WP-Members Membership Plugin for WordPress is vulnerable to unauthorized file access in... Moderate Unreviewed
CVE-2025-12648 was published Jan 7, 2026
An arbitrary file deletion vulnerability has been identified in the command-line interface of... Moderate Unreviewed
CVE-2025-37177 was published Jan 13, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database